all: refactor tls

ssrahul96 · Oct 14, 2022 · 4b22193 · 4b22193
1 parent a1acfbb
commit 4b22193
Show file tree

Hide file tree

Showing 5 changed files with 393 additions and 313 deletions.
diff --git a/internal/home/controlinstall.go b/internal/home/controlinstall.go
@@ -424,7 +424,7 @@ func (web *Web) handleInstallConfigure(w http.ResponseWriter, r *http.Request) {
 	// moment we'll allow setting up TLS in the initial configuration or the
 	// configuration itself will use HTTPS protocol, because the underlying
 	// functions potentially restart the HTTPS server.
-	err = StartMods()
+	err = startMods()
 	if err != nil {
 		Context.firstRun = true
 		copyInstallSettings(config, curConfig)

diff --git a/internal/home/home.go b/internal/home/home.go
@@ -59,7 +59,7 @@ type homeContext struct {
 	auth       *Auth                // HTTP authentication module
 	filters    *filtering.DNSFilter // DNS filtering module
 	web        *Web                 // Web (HTTP, HTTPS) module
-	tls        *TLSMod              // TLS module
+	tls        *tlsManager          // TLS module
 	// etcHosts is an IP-hostname pairs set taken from system configuration
 	// (e.g. /etc/hosts) files.
 	etcHosts *aghnet.HostsContainer
@@ -117,7 +117,7 @@ func Main(clientBuildFS fs.FS) {
 			switch sig {
 			case syscall.SIGHUP:
 				Context.clients.Reload()
-				Context.tls.Reload()
+				Context.tls.reload()
 
 			default:
 				cleanup(context.Background())
@@ -495,9 +495,9 @@ func run(opts options, clientBuildFS fs.FS) {
 	}
 	config.Users = nil
 
-	Context.tls = tlsCreate(config.TLS)
-	if Context.tls == nil {
-		log.Fatalf("Can't initialize TLS module")
+	Context.tls, err = newTLSManager(config.TLS)
+	if err != nil {
+		log.Fatalf("initializing tls: %s", err)
 	}
 
 	Context.web, err = initWeb(opts, clientBuildFS)
@@ -507,7 +507,7 @@ func run(opts options, clientBuildFS fs.FS) {
 		err = initDNSServer()
 		fatalOnError(err)
 
-		Context.tls.Start()
+		Context.tls.start()
 
 		go func() {
 			serr := startDNSServer()
@@ -531,20 +531,22 @@ func run(opts options, clientBuildFS fs.FS) {
 	select {}
 }
 
-// StartMods initializes and starts the DNS server after installation.
-func StartMods() error {
+// startMods initializes and starts the DNS server after installation.
+func startMods() error {
 	err := initDNSServer()
 	if err != nil {
 		return err
 	}
 
-	Context.tls.Start()
+	Context.tls.start()
 
 	err = startDNSServer()
 	if err != nil {
 		closeDNSServer()
+
 		return err
 	}
+
 	return nil
 }
 
@@ -728,7 +730,6 @@ func cleanup(ctx context.Context) {
 	}
 
 	if Context.tls != nil {
-		Context.tls.Close()
 		Context.tls = nil
 	}
 }
@@ -738,7 +739,8 @@ func cleanupAlways() {
 	if len(Context.pidFileName) != 0 {
 		_ = os.Remove(Context.pidFileName)
 	}
-	log.Info("Stopped")
+
+	log.Info("stopped")
 }
 
 func exitWithError() {

diff --git a/internal/home/mobileconfig_test.go b/internal/home/mobileconfig_test.go
@@ -32,7 +32,7 @@ func setupDNSIPs(t testing.TB) {
 		},
 	}
 
-	Context.tls = &TLSMod{}
+	Context.tls = &tlsManager{}
 }
 
 func TestHandleMobileConfigDoH(t *testing.T) {
@@ -65,7 +65,7 @@ func TestHandleMobileConfigDoH(t *testing.T) {
 		oldTLSConf := Context.tls
 		t.Cleanup(func() { Context.tls = oldTLSConf })
 
-		Context.tls = &TLSMod{conf: tlsConfigSettings{}}
+		Context.tls = &tlsManager{conf: tlsConfigSettings{}}
 
 		r, err := http.NewRequest(http.MethodGet, "https://example.com:12345/apple/doh.mobileconfig", nil)
 		require.NoError(t, err)
@@ -137,7 +137,7 @@ func TestHandleMobileConfigDoT(t *testing.T) {
 		oldTLSConf := Context.tls
 		t.Cleanup(func() { Context.tls = oldTLSConf })
 
-		Context.tls = &TLSMod{conf: tlsConfigSettings{}}
+		Context.tls = &tlsManager{conf: tlsConfigSettings{}}
 
 		r, err := http.NewRequest(http.MethodGet, "https://example.com:12345/apple/dot.mobileconfig", nil)
 		require.NoError(t, err)